by viraptor
3955 days ago
> You can easily test for safety

How do you define easily? AFAIK, the state of the art is still: static analysis, maximum pedantic level from the compiler, 100% coverage, lots of fuzzing, lots of logic testing... and it still doesn't stop you from getting owned via one of the libraries you include (JSON, HTTP parsing, ...). Is that not the case? It seems far from easy, if you compare to (for example) a Python framework where almost all of the code is pure-Python.

Edit: I meant the practical state of the art. Sure, you can prove your webapp secure if you have enough time. But nobody would seriously do that.